adismaug has asked for the wisdom of the Perl Monks concerning the following question:

Dear monks,
I am using Perl LWP::UserAgent to automate an SSL site test.
Recently a security device was introduced that allows only a single TCP socket from my management station, which needs to stay open for all requests.
This means that I have to send multiple GETs on a single TCP socket (TCP multiplexing), but the script I used so far opens and closes a new TCP socket for each HTTP GET.
How can I use one TCP socket to perform multiple HTTP GETs?
Your help please.

#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;

my $url = 'https://tets.test.com/';
my $ua  = LWP::UserAgent->new;

for (1..100) {
    $ua->default_header('X-Forwarded-For' => "2.2.2.2");
    my $response = $ua->get( $url );
    $response->is_success
        or die "Failed to GET '$url': ", $response->status_line;
    print $response->as_string;
}

Regards, Adi.

Replies are listed 'Best First'.
Re: LWP::UserAgent single session
by Corion (Patriarch) on Feb 14, 2010 at 20:56 UTC
      Dear Corion,
      Thanks for the advice,
      I used the following script:
      #!/usr/local/bin/perl
      use strict;
      use warnings;
      use LWP::UserAgent;
      use LWP::ConnCache;

      # conn_cache expects a cache object (or hash ref), not 1,
      # so the cache is attached once, below.
      my $browser = LWP::UserAgent->new;
      $browser->conn_cache(LWP::ConnCache->new());

      my @lines = qw(9.9.9.9 8.8.8.8 7.7.7.7 6.6.6.6 5.5.5.5);
      my $start = time;
      my $url   = 'https://xxx.xxx.com/';
      my $count = 0;

      # One GET per address, each sent as the X-Forwarded-For header
      foreach (@lines) {
          my $response = $browser->get(
              $url,
              'X-Forwarded-For' => $_,
          );
          print $response->as_string;
          $count += length $_;
          sleep(1);
      }

      print time() - $start;
      print " secs\n$count\n";
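
Added example, not written by any poster in this thread: a way to check how many TCP connections a run of GETs actually uses, comparing a plain LWP::UserAgent with one created with `keep_alive`. It assumes the HTTP::Daemon module is installed and uses a constructed loopback HTTP server (plain HTTP, not the real HTTPS site) with a hypothetical `X-Server-Conn` header.

```perl
use strict;
use warnings;
use HTTP::Daemon;
use HTTP::Response;
use LWP::UserAgent;

# Constructed stand-in for the real site: a loopback HTTP server that
# numbers each accepted TCP connection and reports that number in a
# hypothetical X-Server-Conn response header.
sub start_server {
    my $d = HTTP::Daemon->new(LocalAddr => '127.0.0.1') or die "listen: $!";
    my $url = sprintf 'http://127.0.0.1:%d/', $d->sockport;
    my $pid = fork();
    die "fork: $!" unless defined $pid;
    return ($url, $pid) if $pid;          # parent: go on to run the client
    my $conn_no = 0;
    while (my $c = $d->accept) {          # child: serve one connection at a time
        $conn_no++;
        while (my $req = $c->get_request) {
            my $res = HTTP::Response->new(200, 'OK');
            $res->header('X-Server-Conn' => $conn_no);
            $res->content("ok\n");
            $c->send_response($res);
        }
        $c->close;
    }
    exit 0;
}

# Send one GET per X-Forwarded-For value and return the number of
# distinct TCP connections the server saw for them.
sub connections_used {
    my ($keep_alive) = @_;
    my ($url, $pid) = start_server();
    my $ua = LWP::UserAgent->new(keep_alive => $keep_alive);
    my %seen;
    for my $xff (qw(9.9.9.9 8.8.8.8 7.7.7.7 6.6.6.6 5.5.5.5)) {
        my $res = $ua->get($url, 'X-Forwarded-For' => $xff);
        die "GET failed: ", $res->status_line unless $res->is_success;
        $seen{ $res->header('X-Server-Conn') }++;
    }
    kill 'TERM', $pid;                    # stop the test server
    waitpid $pid, 0;
    return scalar keys %seen;
}

printf "keep_alive => 0: %d connections\n", connections_used(0);
printf "keep_alive => 1: %d connection\n",  connections_used(1);
```

Against the real site, where no such server header exists, the `Client-Response-Num` header that LWP adds to each response (visible in the `as_string` output) counts responses per connection and should climb on a reused socket rather than stay at 1.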
Re: LWP::UserAgent single session
by CountZero (Bishop) on Feb 15, 2010 at 05:19 UTC
    Pray, tell us what is the security concept behind allowing only one TCP-socket to be open?

    CountZero

    "A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

      Well, the device is Radware Defense Pro, an intrusion detection system.
      Since the server and application are critical and the management station opens a huge number of TCP sockets, it was decided that all traffic should traverse a single TCP socket so there will be no DoS to the server.
      Any idea on how to accomplish that?
      Regards.
        Thank you for your answer.

        I am no security specialist, but the "single TCP socket" seems a rather crude solution to me, esp. since Radware Defense prides itself on protecting against high frequency flooding attacks. I cannot imagine that it does so by funneling all connections through a single socket and thus reducing network speed to a crawl.

        Also what are the chances that the management station gets subverted? Isn't that within a safe zone?

        CountZero


      Encouraging only a single tcp connection can make downloading a lot faster when there are lots of small files. That's why browsers are doing that too: websites often refer to lots of small images.

      Update: this is of course even more true for https than for http.

        That must be because the time used for setting up and tearing down the TCP socket connection is significant relative to the time spent in transmitting the data, but I fail to see what security implications it has.

        CountZero
